It amazes me how many people confuse the importance of vulnerability scanning with penetration testing. Vulnerability scanning cannot replace the importance of penetration testing, and penetration testing, on its own, cannot secure the entire network. Both are important at their…
Tag: The State of Security
CISA on Iran’s Cyber Threat: It’s Time to Review Your Cyber Security Posture!
Following the recent U.S. operation in Iraq which resulted in the killing of Iranian General Qassem Soleimani, Iran warned that it will retaliate. Although the international community and both involved countries have taken steps to deescalate the crisis, it is…
Introducing the New MITRE ATT&CK Framework for Industrial Control Systems
On January 7th, MITRE released ATT&CK for Industrial Control Systems, a taxonomy of real-world cyber adversarial behavior targeting ICS or industrial control systems. These systems operate critical infrastructure in manufacturing and utility industries, and they are popular targets in financial…
DSG Retail Limited Fined £500K by ICO Following Malware Attack
The UK Information Commissioner’s Office (ICO) fined DSG Retail Limited £500,000 following a malware attack that affected millions of the retailer’s customers. As the result of an investigation, the ICO learned that DSG Retail Limited had suffered a security…
Man jailed for using webcam RAT to spy on women in their bedrooms
A British man has been jailed for two years after police caught him using a notorious Remote Access Trojan (RAT) to hijack the webcams of young women, and spy upon them.
Alomere Health Notifies Patients of Employee Email Compromise
Alomere Health said that it’s begun notifying patients of a security incident that involved the compromise of two employees’ email accounts. According to a statement posted to its website, Alomere Health began notifying its patients on January 3, 2020 of…
Tripwire Patch Priority Index for December 2019
Tripwire’s December 2019 Patch Priority Index (PPI) brings together important vulnerabilities from Citrix, Microsoft, Django, and Adobe. Critical Vulnerabilities: Up first on the patch priority list this month is a critical arbitrary code execution vulnerability for the Citrix ADC application.…
Citrix NetScaler CVE-2019-19781: What You Need to Know
Just before the holidays, Citrix announced that their Citrix Application Delivery Controller (ADC) and Citrix Gateway are prone to a vulnerability which can allow remote unauthenticated attackers to execute code on vulnerable gateways. This led to a wave of alarming…
SNAKE Ransomware Targeting Entire Corporate Networks
Security researchers have observed samples of the new SNAKE ransomware family targeting organizations’ entire corporate networks. Discovered by MalwareHunterTeam and analyzed by Vitali Kremez, SNAKE is written in Golang and contains a high level of obfuscation. Upon successful infection, the…
Malware in the Cloud: Protecting Yourself Based on Your Cloud Environment
In some ways, the cloud has made security management easier, as many cloud providers have taken the responsibilities traditionally associated with local server management out of your hands. But in other ways, the security management conversation has become more confusing…
From Good to Great – Building on ICS Security Basics
Most industrial organizations are behind the curve when it comes to cybersecurity, facing mounting complexities like the IIoT, the skills gap and the IT/OT divide. But what about industrial organizations that are already taking steps in the right direction and…
VERT Threat Alert: Citrix NetScaler/ADC Critical Flaw (CVE-2019-19781)
Vulnerability Description: Citrix has indicated that an unauthenticated attacker can exploit this flaw to perform arbitrary code execution. Although details from Citrix are minimal, VERT’s research has identified three vulnerable behaviors which combine to enable code execution attacks on the…
Canyon Bicycles Revealed that Digital Attackers Accessed Its IT Systems
Canyon Bicycles revealed that malicious individuals succeeded in accessing its IT systems as the result of a digital attack. The German bike manufacturer announced in a press release that the digital attack occurred shortly before the turn of the year.…
Navigating ICS Security: The Value of Frameworks
Since the implementation of the General Data Protection Regulation (GDPR) on 25 May 2018, organizations and even private citizens have globally begun to re-assess what it means to ‘take security seriously’ and to better understand the massive difference between security…
Company Told Employees to Seek Other Work After Ransomware Attack
A marketing agency told its employees that they were free to seek other employment after suffering a ransomware infection. On January 2nd, the Heritage Company released a statement in which it explained that it had made some progress in its…
CIP-003-7 Deadline Looms: Transient Cyber Assets and Removable Media in 2020
Standard CIP-003 exists as part of a suite of Critical Infrastructure Protection (CIP) Standards related to cybersecurity that require the initial identification and categorization of BES Cyber Systems and require organizational, operational, and procedural controls to mitigate risk to BES…
Climbing the Vulnerability Management Mountain: Reaching Maturity Level 3 – Base Camp
ML:3 is base camp, and getting here means you have reached a level that others have only dreamed about. At this level, the VM program is very good, and your visibility into threats to the environment is much better than…
Travelex Temporarily Disabled All Its Systems Following a Malware Attack
Foreign exchange company Travelex announced that it had temporarily disabled all of its systems following a malware attack. Twitter user Izzy Fergus first noticed something was wrong when she attempted to visit travelex.co.uk and saw a runtime error message. When…
How to Achieve Compliance with NIS Directive
Network and information systems (NIS) and the essential functions they support play a vital role in society from ensuring the supply of electricity, water, oil and gas to the provisioning of healthcare and the safety of passenger and freight transport.…
Tripwire Enterprise and Zero Trust
Zero Trust is a new concept to many but one I believe will be of increasing importance over the coming years. With this post, I wanted to introduce newcomers to the concept, talk about why it’s an exciting approach to…
Landry’s Notifies Customers of Payment Card Incident
Dining, hospitality and entertainment corporation Landry’s notified customers of a security incident that might have affected their payment card data. On December 31, Landry’s revealed that it first learned of the incident after it detected unauthorized activity on the payment…